File Manager Advanced Shortcode <= 2.3.2 - Unauthenticated Remote Code Execution through shortcode
CVE-2023-2068

9.8CRITICAL

Key Information:

Vendor: Wordpress
Status: File-manager-advanced-shortcode
Vendor: CVE Published:; 27 June 2023

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 83%

Summary

The File Manager Advanced Shortcode plugin for WordPress, specifically versions up to 2.3.2, is susceptible to a Remote Code Execution vulnerability. This flaw arises from an inadequate restriction on the uploaded file types permitted when utilizing the shortcode, which allows unauthorized users to upload files with disallowed MIME types, including PHP scripts. Consequently, this vulnerability poses a serious risk as it permits potential exploitation without the need for user authentication.

Affected Version(s)

file-manager-advanced-shortcode 0 <= 2.3.2

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-2068 - Proof of Concept

References

https://wpscan.com/vulnerability/58f72953-56d2-4d86-a49b-...

exploitvdb-entrytechnical-description

http://packetstormsecurity.com/files/173735/WordPress-Fil...

EPSS Score

83% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Jun 27, 2023
👾
Exploit known to exist
Jun 27, 2023
Vulnerability published
Jun 27, 2023
Vulnerability Reserved
Apr 14, 2023

Credit

Mateus Machado Tesser

WPScan